package com.ruoyi.modules.monitor.config;

import de.codecentric.boot.admin.server.config.AdminServerProperties;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;

/**
 * 监控权限配置
 *
 * @author ruoyi
 */
@Configuration
public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
  private final String adminContextPath;

  public WebSecurityConfigurer(AdminServerProperties adminServerProperties) {
    this.adminContextPath = adminServerProperties.getContextPath();
  }

  @Override
  protected void configure(HttpSecurity http) throws Exception {
    SavedRequestAwareAuthenticationSuccessHandler successHandler =
        new SavedRequestAwareAuthenticationSuccessHandler();
    successHandler.setTargetUrlParameter("redirectTo");
    successHandler.setDefaultTargetUrl(adminContextPath + "/");

    http.headers()
        .frameOptions()
        .disable()
        .and()
        .authorizeRequests()
        .antMatchers(
            adminContextPath + "/assets/**",
            adminContextPath + "/login",
            adminContextPath + "/actuator/**",
            adminContextPath + "/instances/**")
        .permitAll()
        .anyRequest()
        .authenticated()
        .and()
        .formLogin()
        .loginPage(adminContextPath + "/login")
        .successHandler(successHandler)
        .and()
        .logout()
        .logoutUrl(adminContextPath + "/logout")
        .and()
        .httpBasic()
        .and()
        .csrf()
        .disable();
  }
}
